Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
References
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 02:02
Type | Values Removed | Values Added |
---|---|---|
Summary | Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows. |
Information
Published : 2008-07-09 00:41
Updated : 2024-02-28 11:21
NVD link : CVE-2008-2376
Mitre link : CVE-2008-2376
CVE.ORG link : CVE-2008-2376
JSON object : View
Products Affected
ruby-lang
- ruby
redhat
- fedora_8
CWE
CWE-189
Numeric Errors